<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ page import="util.ParamUtil"%>
<%@ page import="control.UserControl"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
	<head>
		<title>用户登入</title>
	</head>
	<body> 
		<%
		    String rand = (String) session.getAttribute("rand");
		    String input = request.getParameter("rand");
		    System.out.print(rand);
		    System.out.print(input);
			String username = request.getParameter("username");
			String pwd =  request.getParameter("password");
			if (UserControl.isUser(username, pwd)) {
			   if(!rand.equals(input))
			   {
				%>
				<script type="text/javascript">
				     alert("密码验证错误，请重新输入！");
				     history.back();
				</script>
				<%
				}
				if (username == "" || pwd == "")
			    {
		%>
		<script language="javascript">
			alert("用户名或密码不能为空！");
			history.back();
		</script>
		<%
		        }
		        session.setAttribute("uid",UserControl.getUid(username,pwd));
		        session.setAttribute("username",username);
		        response.sendRedirect("../index.jsp");
				}
			else{
			%>
			<script type="text/javascript">
			    alert("用户名或密码错误,请重新输入！");
			    history.back();
			</script>
			<%
		      }
		 %>
		
	</body>
</html>
